Thomas Guettler writes:
... calling "__getitem__" during URL traversal ... It works 95%. Since no REQUEST is given to __getitem__ I get it like this:
if hasattr(self, 'REQUEST'): request=self.REQUEST
This or something differnt No, it does not -- see below. seems to change the result of getSecurityManager().getUser(): I always get the anonymous user. This is because authentication is done at the end of traversal.
When you use "__getitem__" during traversal, the user is not yet determined.
Does someone know why getUser() in __getitem__ is diffent than in other methods? It is not. Any method used during traversal will behave identically in this respect.
The next thing is working, but it is not nice: the call to __getitem__() returns the content of a file to the browser. But Zope misses the docstring of the string. I solved by adding the content to the request object and returning a function which returns this, but a nicer solution would be better: You can solve both problems by returning a wrapper object for your file.
Ensure, that your wrapper class inherits from "Acquisition.Explicit/Implicit" and that you wrap it in the objects context. Give its "__call__" method a docstring and let it render the file content. Protect it as you find useful. This way Zopes security mechanism ensures authorized access only. You can also replace "__getitem__" by "__bobo_traverse__" (when you like). Dieter